Home | Amazing | Today | Tags | Publishers | Years | Account | Search 
The Basics of Web Hacking: Tools and Techniques to Attack the Web

Buy

The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabilities.

The Basics of Web Hacking provides a simple and clean explanation of how to utilize tools such as Burp Suite, sqlmap, and Zed Attack Proxy (ZAP), as well as basic network scanning tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more. Dr. Josh Pauli teaches software security at Dakota State University and has presented on this topic to the U.S. Department of Homeland Security, the NSA, BlackHat Briefings, and Defcon. He will lead you through a focused, three-part approach to Web security, including hacking the server, hacking the Web app, and hacking the Web user.

With Dr. Pauli’s approach, you will fully understand the what/where/why/how of the most widespread Web vulnerabilities and how easily they can be exploited with the correct tools. You will learn how to set up a safe environment to conduct these attacks, including an attacker Virtual Machine (VM) with all necessary tools and several known-vulnerable Web application VMs that are widely available and maintained for this very purpose. Once you complete the entire process, not only will you be prepared to test for the most damaging Web exploits, you will also be prepared to conduct more advanced Web hacks that mandate a strong base of knowledge.

  • Provides a simple and clean approach to Web hacking, including hands-on examples and exercises that are designed to teach you how to hack the server, hack the Web app, and hack the Web user
  • Covers the most significant new tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more!
  • Written by an author who works in the field as a penetration tester and who teaches Web security classes at Dakota State University
(HTML tags aren't allowed.)

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions
Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions

A must-have, hands-on guide for working in the cybersecurity profession

Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This...

Securing Social Media in the Enterprise
Securing Social Media in the Enterprise

Securing Social Media in the Enterprise is a concise overview of the security threats posed by the use of social media sites and apps in enterprise network environments. Social media sites and apps are now a ubiquitous presence within enterprise systems and networks, and are vulnerable to a wide range of digital systems attacks. This...

Cybercrime, Digital Forensics and Jurisdiction (Studies in Computational Intelligence)
Cybercrime, Digital Forensics and Jurisdiction (Studies in Computational Intelligence)

The purpose of law is to prevent the society from harm by declaring what conduct is criminal, and prescribing the punishment to be imposed for such conduct. The pervasiveness of the internet and its anonymous nature make cyberspace a lawless frontier where anarchy prevails. Historically, economic value has been assigned to visible and...


Cyber-Physical Attack Recovery Procedures: A Step-by-Step Preparation and Response Guide
Cyber-Physical Attack Recovery Procedures: A Step-by-Step Preparation and Response Guide

This book provides a template with step-by-step instructions on how to respond and recover when hackers get into your SCADA system and cause building equipment to act erratically or fail completely. When hackers shut off the water, turn off the building power, disable the sewage effluent pumps and activate the fire alarm, you have to do...

Machine Learning and Security: Protecting Systems with Data and Algorithms
Machine Learning and Security: Protecting Systems with Data and Algorithms

Can machine learning techniques solve our computer security problems and finally put an end to the cat-and-mouse game between attackers and defenders? Or is this hope merely hype? Now you can dive into the science and answer this question for yourself. With this practical guide, you’ll explore ways to apply machine learning to security...

Cyber-Physical Security and Privacy in the Electric Smart Grid (Synthesis Lectures on Information Security, Privacy, and Tru)
Cyber-Physical Security and Privacy in the Electric Smart Grid (Synthesis Lectures on Information Security, Privacy, and Tru)

This book focuses on the combined cyber and physical security issues in advanced electric smart grids. Existing standards are compared with classical results and the security and privacy principles of current practice are illustrated. The book paints a way for future development of advanced smart grids that operated in a peer-to-peer fashion,...

©2019 LearnIT (support@pdfchm.net) - Privacy Policy